diff options
Diffstat (limited to 'src/man/sv/sssd.conf.5.xml')
| -rw-r--r-- | src/man/sv/sssd.conf.5.xml | 57 |
1 files changed, 52 insertions, 5 deletions
diff --git a/src/man/sv/sssd.conf.5.xml b/src/man/sv/sssd.conf.5.xml index b8aded6..b619f32 100644 --- a/src/man/sv/sssd.conf.5.xml +++ b/src/man/sv/sssd.conf.5.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN" -"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" +<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.5//EN" +"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ <!ENTITY sssd_user_name SYSTEM "sssd_user_name.include"> ]> @@ -1463,7 +1463,7 @@ pam_account_locked_message = Kontot är låst, kontakta kundtjänsten. Enable passkey device based authentication. </para> <para> - Standard: False + Standard: True </para> </listitem> </varlistentry> @@ -1565,7 +1565,7 @@ pam_cert_verification = partial_chain </listitem> </varlistentry> <varlistentry> - <term>pam_p11_allowed_services (heltal)</term> + <term>pam_p11_allowed_services (string)</term> <listitem> <para> En kommaseparerad lista av PAM-tjänstenamn för vilka det kommer vara @@ -3285,6 +3285,23 @@ DNS-fråga om tjänsteupptäckt. </varlistentry> <varlistentry> + <term>failover_primary_timeout (integer)</term> + <listitem> + <para> + When no primary server is currently available, SSSD fail overs to a backup +server. This option defines the amount of time (in seconds) to wait before +SSSD tries to reconnect to a primary server again. + </para> + <para> + Note: The minimum value is 31. + </para> + <para> + Default: 31 + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>override_gid (heltal)</term> <listitem> <para> @@ -3485,7 +3502,8 @@ provider) only support a password based authentication, while others can handle PKINIT based Smartcard authentication (AD, IPA), two-factor authentication (IPA), or other methods against a central instance. By default in such cases authentication is only performed with the methods -supported by the backend. +supported by the backend. With this option additional methods can be enabled +which are evaluated and checked locally. </para> <para> There are three possible values for this option: match, only, @@ -3496,6 +3514,35 @@ local authentication. As an example, <quote>enable:passkey</quote>, only enables passkey for local authentication. Multiple enable values should be comma-separated, such as <quote>enable:passkey, enable:smartcard</quote> </para> + + <para> + The following table shows which authentication methods, if configured +properly, are currently enabled or disabled for each backend, with the +default local_auth_policy: <quote>match</quote> + </para> + <informaltable frame='all'> + <tgroup cols='3'> + <colspec colname='c1' align='center'/> + <colspec colname='c2' align='center'/> + <colspec colname='c3' align='center'/> + + <thead> + <row><entry namest='c1' nameend='c3' align='center'> + local_auth_policy = match (default)</entry></row> + <row><entry></entry><entry>Passkey</entry> + <entry>Smartcard</entry></row> + </thead> + <tbody> + <row><entry>IPA</entry><entry>aktiverat</entry> + <entry><para>aktiverat</para> + </entry></row> + <row><entry>AD</entry><entry>disabled</entry> + <entry><para>aktiverat</para></entry> + </row> + <row><entry>LDAP</entry><entry>disabled</entry> + <entry><para>disabled</para></entry> + </row> + </tbody></tgroup></informaltable> <para> Please note that if local Smartcard authentication is enabled and a Smartcard is present, Smartcard authentication will be preferred over the |